Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1310
Views
0
Helpful
4
Replies

Help understanding switch log

polleyjb01
Level 1
Level 1

‎12-07-2023 08:08 AM

I logged into a switch and did show log and saw the below log messages. I see cisco prime logs in 3 times. I'm not sure if that's normal. Judging by the time stamp, I don't think it's a time out. I also see Trustpool Download failed. What does the trustpool message mean? does it have anything to do with cisco prime?

Dec  7 08:44:46 AST: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: CiscoPrime] [Source: xxxxxxxx] [localport: 22] at 08:44:46 AST Thu Dec 7 2023
000234:

Dec  7 08:48:41 AST: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: CiscoPrime] [Source: xxxxxxxx] [localport: 22] at 08:48:41 AST Thu Dec 7 2023
000235:

Dec  7 08:48:44 AST: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: CiscoPrime] [Source: xxxxxxxx] [localport: 22] at 08:48:44 AST Thu Dec 7 2023
000236:

Dec  7 08:54:42 AST: %PKI-4-TRUSTPOOL_DOWNLOAD_FAILURE: Trustpool Download failed

Labels:
0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎12-07-2023 08:14 AM - edited ‎12-07-2023 08:15 AM

Look at the common errors :

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/16_xe/smg/xe-16-10/b-sem-16-10-1/b-sem-16-10-1_chapter_0101.html

you need to provide more information, what is the device model and what IOS code running ?

If this is IOS XE - check the bug :

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwb76541

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

polleyjb01
Level 1
Level 1
In response to balaji.bandi

‎12-07-2023 08:46 AM

Version 16.9.1r
C9300-48P
CAT9K_IOSXE

I see that the bug is for ios xe version below 17.10.1, 17.9.1. This might be the issue. Is there anything wrong with not updating and just leaving the bug or would that be a bad idea?

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to polleyjb01

‎12-07-2023 08:49 AM - edited ‎12-07-2023 08:49 AM

I am guessing - check your smart License configuration

do you have any other configuration related to security ?

Your IOS XE also got old, suggest to upgrade to any thing above 17.6.X

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

M02@rt37
VIP
VIP

‎12-07-2023 08:37 AM

Hello @polleyjb01 

Regarding the "Trustpool Download failed" message, this is related to the PKI and certificate management. The trustpool is a collection of trusted certificates used for various security functions, including SSL/TLS connections.

A "Trustpool Download failure" message typically indicates that the device attempted to download an updated set of trusted certificates (CRLs or other certificates), and the download process failed for some reason. This could be due to issues such as connectivity problems, server unavailability, or misconfiguration.

In this context, it may or may not be directly related to Cisco Prime. It's advisable to investigate further by checking the device's PKI settings, connectivity to the server specified for trustpool downloads, and ensuring that the necessary certificates and configurations are correct.

 

If the issue persists, you may want to consult Cisco Prime logs or documentation to see if there are any specific errors or troubleshooting steps related to trustpool updates.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card